Documentation
¶
Index ¶
- Constants
- Variables
- func NewAccountGrpcClient(conn GrpcConn) v13.AccountServer
- func NewAuthGrpcClient(conn GrpcConn) v12.AuthServer
- func NewPermissionGrpcClient(conn GrpcConn) v15.PermissionServiceServer
- func NewRefreshProvider(srv v1.AuthServer, logger klog.Logger) session.RefreshTokenProvider
- func NewRoleGrpcClient(conn GrpcConn) v14.RoleServiceServer
- func NewUserGrpcClient(conn GrpcConn) v1.UserServiceServer
- type GrpcConn
- type HttpClient
- type PermissionChecker
- func (r *PermissionChecker) AddGrant(ctx context.Context, resource authz.Resource, action authz.Action, ...) error
- func (r *PermissionChecker) IsGrantTenant(ctx context.Context, requirements authz.RequirementList, tenantID string, ...) ([]authz.Effect, error)
- func (r *PermissionChecker) ListAcl(ctx context.Context, subjects ...authz.Subject) ([]authz.PermissionBean, error)
- func (r *PermissionChecker) RemoveGrant(ctx context.Context, subject authz.Subject, filter ...authz.FilterFunc) error
- func (r *PermissionChecker) UpdateGrant(ctx context.Context, subject authz.Subject, ...) error
- type UserTenantContrib
Constants ¶
View Source
const ( ResourcePermission = "permission" ResourceUser = "user.user" ResourceRole = "user.role" )
View Source
const ServiceName = "user"
Variables ¶
View Source
var GrpcProviderSet = wire.NewSet( NewUserTenantContrib, NewRefreshProvider, NewRemotePermissionChecker, wire.Bind(new(authz.PermissionChecker), new(*PermissionChecker)), wire.Bind(new(authz.PermissionManagementService), new(*PermissionChecker)), NewGrpcConn, NewUserGrpcClient, NewAuthGrpcClient, NewAccountGrpcClient, NewRoleGrpcClient, NewPermissionGrpcClient)
Functions ¶
func NewAccountGrpcClient ¶
func NewAccountGrpcClient(conn GrpcConn) v13.AccountServer
func NewAuthGrpcClient ¶
func NewAuthGrpcClient(conn GrpcConn) v12.AuthServer
func NewPermissionGrpcClient ¶
func NewPermissionGrpcClient(conn GrpcConn) v15.PermissionServiceServer
func NewRefreshProvider ¶
func NewRefreshProvider(srv v1.AuthServer, logger klog.Logger) session.RefreshTokenProvider
NewRefreshProvider return session.RefreshTokenProvider
Read session -> Call v1.AuthServer to exchange token -> invalid, sign out.
func NewRoleGrpcClient ¶
func NewRoleGrpcClient(conn GrpcConn) v14.RoleServiceServer
func NewUserGrpcClient ¶
func NewUserGrpcClient(conn GrpcConn) v1.UserServiceServer
Types ¶
type GrpcConn ¶
type GrpcConn grpc.ClientConnInterface
func NewGrpcConn ¶
func NewGrpcConn(clientName api.ClientName, services *conf.Services, dis registry.Discovery, opt *api.Option, tokenMgr api.TokenManager, logger log.Logger, opts ...grpc2.ClientOption) (GrpcConn, func())
type HttpClient ¶
type PermissionChecker ¶
type PermissionChecker struct {
// contains filtered or unexported fields
}
PermissionChecker impl authz.PermissionChecker and authz.PermissionManagementService from calling remote service
func NewRemotePermissionChecker ¶
func NewRemotePermissionChecker(srv v1.PermissionServiceServer) *PermissionChecker
func (*PermissionChecker) IsGrantTenant ¶
func (*PermissionChecker) ListAcl ¶
func (r *PermissionChecker) ListAcl(ctx context.Context, subjects ...authz.Subject) ([]authz.PermissionBean, error)
func (*PermissionChecker) RemoveGrant ¶
func (r *PermissionChecker) RemoveGrant(ctx context.Context, subject authz.Subject, filter ...authz.FilterFunc) error
func (*PermissionChecker) UpdateGrant ¶
func (r *PermissionChecker) UpdateGrant(ctx context.Context, subject authz.Subject, acl []authz.UpdateSubjectPermission) error
type UserTenantContrib ¶
type UserTenantContrib struct {
// contains filtered or unexported fields
}
UserTenantContrib impl saas.TenantResolveContrib from calling remote or local service.
check whether user can present in a tenant
func NewUserTenantContrib ¶
func NewUserTenantContrib(client v1.UserServiceServer) *UserTenantContrib
func (*UserTenantContrib) Name ¶
func (u *UserTenantContrib) Name() string
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.